I've got a mess

Barry Margolin barmar at alum.mit.edu
Wed Apr 21 19:24:52 UTC 2004 

In article <c66ava$m69$1 at sf1.isc.org>,
 "Michael Barber" <mikeb at comcity.com> wrote:

> Bill:  I think my slave is correctly pulling from the Master at this point.
> I think that issue was the result of the primary not being correct in the
> glue record that was causing some strange behavoir.  But, in in an earlier
> email you indicated that my secondary was "Not authoritative" and when I go
> to nslookup on the secondary the queries say "Not authoritative"....I
> thought it was suppose to do that because it pulls from the primary so I
> didn't think that was an issue.

Master and slave servers should both be authoritative for the zones they 
host.

> What exactly in the significance of saying the secondary is not
> authoritative....what metric are you using to measure this and come to that
> conclusion?

If the slave isn't authoritative, it isn't transfering the zone properly 
from the master.  Here's a command that show this:

$ dig comcity.com soa @ns2.comcity.com +norec

; <<>> DiG 9.2.2 <<>> comcity.com soa @ns2.comcity.com +norec
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29707
;; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;comcity.com.                   IN      SOA

;; ANSWER SECTION:
comcity.com.            1000    IN      SOA     ns.comcity.com. 
hostmaster.comcity.com. 2004042001 3600 900 604800 3600

Notice that the "flags:" field doesn't have the "aa" (Authoritative 
Answer) flag.  Also, the TTL is lower than it is on the master; this 
indicates that the information came from the server's cache rather than 
from a zone file.  Compare this with the result from the master server:

$ dig comcity.com soa @ns.comcity.com +norec

; <<>> DiG 9.2.2 <<>> comcity.com soa @ns.comcity.com +norec
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32856
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;comcity.com.                   IN      SOA

;; ANSWER SECTION:
comcity.com.            3600    IN      SOA     ns.comcity.com. 
hostmaster.comcity.com. 2004042001 3600 900 604800 3600

You've been struggling with this for at least a week.  I think it may be 
time for you to give in and hire a professional who knows what he's 
doing.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***

More information about the bind-users mailing list